🔒

Security

Security

781
Skills
Home/Categories/Security

FFUF Web Fuzzing

Fast web fuzzer for discovering hidden content, directories, files, and vulnerabilities during penetration testing

195jthack
Security
Developer Tools

computer-forensics

Digital forensics analysis and investigation techniques

636mhattingpete
Security

file-deletion

Secure file deletion and data sanitization methods

636mhattingpete
Security

metadata-extraction

Extract and analyze file metadata for forensic purposes

636mhattingpete
Security

Codebase Auditor

Comprehensive codebase audit across 6 dimensions: architecture, code quality, security (OWASP Top 10), performance, testing coverage, and maintainability with prioritized action plan

636mhattingpete
Developer Tools
Security

Cybersecurity Skills

734+ structured cybersecurity skills mapped to MITRE ATT&CK framework for AI agents

24.0kmukul975
cybersecurity
mitre-attack
pentesting
incident-response

Trail of Bits Security Research

45 security research and vulnerability detection skills from Trail of Bits

6.0kTrail of Bits
security-research
fuzzing
static-analysis
vulnerability

Azure Keyvault Certificates Rust

Azure Key Vault Certificates SDK for Rust. Use for creating, importing, and managing certificates. Triggers: "keyvault certificates rust", "CertificateClient rust", "create certificate rust", "import ...

2.7k
Security

Azure Keyvault Keys Rust

Azure Key Vault Keys SDK for Rust. Use for creating, managing, and using cryptographic keys. Triggers: "keyvault keys rust", "KeyClient rust", "create key rust", "encrypt rust", "sign rust".

42.2kazure-keyvault-keys-rust
Security

Azure Keyvault Keys TS

Manage cryptographic keys using Azure Key Vault Keys SDK for JavaScript (@azure/keyvault-keys). Use when creating, encrypting/decrypting, signing, or rotating keys.

42.2kazure-keyvault-keys-ts
Security

Azure Keyvault Secrets TS

Manage secrets using Azure Key Vault Secrets SDK for JavaScript (@azure/keyvault-secrets). Use when storing and retrieving application secrets or configuration values.

42.2kazure-keyvault-secrets-ts
Security

Azure Monitor Query Py

Azure Monitor Query SDK for Python. Use for querying Log Analytics workspaces and Azure Monitor metrics. Triggers: "azure-monitor-query", "LogsQueryClient", "MetricsQueryClient", "Log Analytics", "Kus...

2.7k
Security

Azure Search Documents TS

Build search applications using Azure AI Search SDK for JavaScript (@azure/search-documents). Use when creating/managing indexes, implementing vector/hybrid search, semantic ranking, or building ag...

42.2kazure-search-documents-ts
Security

Netlify Deploy

Deploy web projects to Netlify using the Netlify CLI (`npx netlify`). Use when the user asks to deploy, host, publish, or link a site/repo on Netlify, including preview and production deploys.

23.2k.curated
Security

Slides

Create and edit presentation slide decks (`.pptx`) with PptxGenJS, bundled layout helpers, and render/validation utilities. Use when tasks involve building a new PowerPoint deck, recreating slides fro...

23.2k.curated
Security

Agentic Actions Auditor

Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where atta...

6.0k
Security

Ahrefs Automation

Automate SEO research with Ahrefs -- analyze backlink profiles, research keywords, track domain metrics history, audit organic rankings, and perform batch URL analysis through the Composio Ahrefs inte...

66.6k
Security

Azure Appconfiguration Py

Azure App Configuration SDK for Python. Use for centralized configuration management, feature flags, and dynamic settings. Triggers: "azure-appconfiguration", "AzureAppConfigurationClient", "feature f...

2.7k
Security

Azure Communication Common Java

Azure Communication Services common utilities for Java. Use when working with CommunicationTokenCredential, user identifiers, token refresh, or shared authentication across ACS services.

42.2kazure-communication-common-java
Security

Azure Eventhub Dotnet

Azure Event Hubs SDK for .NET. Use for high-throughput event streaming: sending events (EventHubProducerClient, EventHubBufferedProducerClient), receiving events (EventProcessorClient with checkpointi...

2.7k
Security

Azure Eventhub Py

Azure Event Hubs SDK for Python streaming. Use for high-throughput event ingestion, producers, consumers, and checkpointing. Triggers: "event hubs", "EventHubProducerClient", "EventHubConsumerClient",...

2.7k
Security

Azure Keyvault Py

Azure Key Vault SDK for Python. Use for secrets, keys, and certificates management with secure storage. Triggers: "key vault", "SecretClient", "KeyClient", "CertificateClient", "secrets", "encryption ...

2.7k
Security

Azure Keyvault Secrets Rust

Azure Key Vault Secrets SDK for Rust. Use for storing and retrieving secrets, passwords, and API keys. Triggers: "keyvault secrets rust", "SecretClient rust", "get secret rust", "set secret rust".

42.2kazure-keyvault-secrets-rust
Security

Azure Security Keyvault Keys Dotnet

Azure Key Vault Keys SDK for .NET. Client library for managing cryptographic keys in Azure Key Vault and Managed HSM. Use for key creation, rotation, encryption, decryption, signing, and verification....

2.7k
Security

Azure Security Keyvault Keys Java

Azure Key Vault Keys Java SDK for cryptographic key management. Use when creating, managing, or using RSA/EC keys, performing encrypt/decrypt/sign/verify operations, or working with HSM-backed keys.

42.2kazure-security-keyvault-keys-java
Security

Azure Security Keyvault Secrets Java

Azure Key Vault Secrets Java SDK for secret management. Use when storing, retrieving, or managing passwords, API keys, connection strings, or other sensitive configuration data.

42.2kazure-security-keyvault-secrets-java
Security

Burpsuite Project Parser

Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting security audit findings, dumping proxy histo...

42.2kburpsuite-project-parser
Security

Differential Review

Performs security-focused differential review of code changes (PRs, commits, diffs). Adapts analysis depth to codebase size, uses git history for context, calculates blast radius, checks test coverage...

6.0k
Security

Gh Address Comments

Help address review/issue comments on the open GitHub PR for the current branch using gh CLI; verify gh auth first and prompt the user to authenticate if not logged in.

14.5k
Security

LaunchDarkly Automation

Automate LaunchDarkly feature flag management -- list projects and environments, create and delete trigger workflows, and track code references via the Composio MCP integration.

66.6k
Security

Sample Skill

Text processor --- **name**: sample-text-processor **tier**: basic **category**: text processing **dependencies**: none (python standard library only) **author**: claude skills engineering.

19.7k
Security

Security Best Practices

Perform language and framework specific security best-practice reviews and suggest improvements. Trigger only when the user explicitly requests security best practices guidance, a security review/repo...

23.2k.curated
Security

Semgrep

Run Semgrep static analysis scan on a codebase using parallel subagents. Supports two scan modes — "run all" (full ruleset coverage) and "important only" (high-confidence security vulnerabilities). Au...

6.0k
Security

Sharp Edges

Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when reviewing API designs, configuration schemas, cryptographic library ergonomics, or ev...

6.0k
Security

Spec To Code Compliance

Verifies code implements exactly what documentation specifies for blockchain audits. Use when comparing code against whitepapers, finding gaps between specs and implementation, or performing complianc...

6.0k
Security

Supply Chain Risk Auditor

Identifies dependencies at heightened risk of exploitation or takeover. Use when assessing supply chain attack surface, evaluating dependency health, or scoping security engagements.

42.2ksupply-chain-risk-auditor
Security

Variant Analysis

Find similar vulnerabilities and bugs across codebases using pattern-based analysis. Use when hunting bug variants, building CodeQL/Semgrep queries, analyzing security vulnerabilities, or performing s...

6.0k
Security

Web Design Guidelines

Review UI code for Web Interface Guidelines compliance. Use when asked to \"review my UI\", \"check accessibility\", \"audit design\", \"review UX\", or \"check my site aga...

42.2kweb-design-guidelines
Security

Zeroize Audit

Detects missing zeroization of sensitive data in source code and identifies zeroization removed by compiler optimizations, with assembly-level analysis, and control-flow verification. Use for auditing...

42.2kzeroize-audit
Security

Audit Context Building

Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.

6.0k
Security

All Security skills

showing 60 of 781
00-action-guard

【最高优先级】操作守卫。任何工具调用前必须先完成权限检查!AI 在执行任何非日常对话的操作前,必须先调用 permission-gate 验证权限。

007

Security audit, hardening, threat modeling (STRIDE/PASTA), Red/Blue Team, OWASP checks, code review,...

112-java-maven-plugins

Use when you need to add or configure Maven plugins in your pom.xml — including quality tools (enfor...

124-java-secure-coding

Use when you need to apply Java secure coding best practices — including validating untrusted inputs...

1claw

HSM-backed secret management for AI agents — store, retrieve, rotate, and share secrets via the 1Cla...

1password-cli

This skill allows agents to securely access and manage secrets using the 1Password CLI (`op`) and a ...

1password-credential-lookup

This skill should be used when agents need to log into websites, retrieve passwords, or access crede...

1password-hardened

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, si...

1password-sa

Securely inject secrets from 1Password into agent workflows. Uses service accounts with op run/.env....

1password

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, si...

360Guard

360-degree comprehensive security review Skill. Use before installing any Skill from ClawHub, GitHub...

404-frameworks-quarkus-security

Use when you need to design, review, or improve security in Quarkus applications — including Quarkus...

504-frameworks-micronaut-security

Use when you need to design, review, or improve security in Micronaut applications — including micro...

a2a-vault

Zero-knowledge secrets management via PassBox — store, retrieve, rotate, and inject credentials secu...

aap

Agent Attestation Protocol - The Reverse Turing Test. Verify AI agents, block humans.

absolute-audit

Vulnerability and security scan (defensive, your own repo): dependency CVEs plus risky code patterns...

abyousef739__clawskillshield

**Local-first security scanner for OpenClaw/ClawHub skills.**

acquiring-disk-image-with-dd-and-dcfldd

Create forensically sound bit-for-bit disk images using dd and dcfldd while preserving evidence inte...

active-directory-attacks

This skill should be used when the user asks to "attack Active Directory", "exploit AD", "Kerberoast...

aegis-audit

Deep behavioral security audit for AI agent skills and MCP tools. Performs deterministic static anal...

Aegis Firewall

Strict semantic firewall with Human-in-the-Loop execution authorization. Airgaps external data and e...

aegis-intel-stack

This skill bundle provides a reference implementation + packaging for the MVP offerings:

aegis-shield

Prompt-injection and data-exfiltration screening for untrusted text. Use before summarizing web/emai...

aethercore

AetherCore v3.3.4 - Security-focused final release. High-performance JSON optimization with universa...

aflpp

AFL++ is a fork of AFL with better fuzzing performance and advanced features. Use for multi-core fuz...

afrexai-ai-safety-audit

Comprehensive AI safety and alignment audit framework for businesses deploying AI agents. Built arou...

afrexai-cybersecurity-engine

Complete cybersecurity assessment, threat modeling, and hardening system. Use when conducting securi...

afrexai-cybersecurity

You are a cybersecurity risk assessment specialist. When the user needs a security audit, threat ass...

afrexai-incident-response

Structured incident response for business and IT teams. Guides you through detection, triage, contai...

afrexai-sre-platform

Complete Site Reliability Engineering system — from SLO definition through incident response, chaos ...

age-verification

Skills for age verification and age-appropriate content filtering.

agent-attestation

Portable reputation system for agents v3 - Ed25519 signatures, input validation, handoff KV

agent-audit-scanner

Security scanner for OpenClaw skills. Detects prompt injection, credential leaks, unsafe code execut...

agent-audit-shield

The ultimate security auditor for local AI agents. It performs real-time heuristic scanning of every...

agent-audit-trail

Tamper-evident, hash-chained audit logging for AI agents. EU AI Act compliant.

agent-bom-compliance

AI compliance and policy engine — evaluate scan results against OWASP LLM Top 10, MITRE ATLAS, EU AI...

agent-bom-runtime

AI runtime security monitoring — context graph analysis, runtime audit log correlation with CVE find...

agent-bom-scan

Security scanner for AI infrastructure — discovers MCP clients and servers, checks packages for CVEs...

agent-card-signing-auditor

Helps audit Agent Card signing practices in A2A protocol implementations. Identifies missing signatu...

agent-comm-skill

This skill provides the security and networking foundation for AI Agent swarms. It handles DID (Dece...

agent-guardrails

Stop AI agents from secretly bypassing your rules. Mechanical enforcement with git hooks, secret det...

agent-hardening

Test your agent's input sanitization against common injection attacks. Runs self-contained checks us...

agent-hush

Invisible privacy guardian for agent workspaces. Automatically intercepts outbound actions (git push...

agent-safety

Outbound safety for autonomous AI agents — scans YOUR output before it leaves the machine. Git pre-c...

agent-security-audit

エージェント向けプロンプト・インジェクション防御チェックリスト

agent-security-auditor

Scans ERC-8004 agents for security vulnerabilities and generates comprehensive security reports.

agent-security-patterns

Help AI agents recognize and respond to potentially malicious skill patterns from public registries....

agent-security-skill-scanner

AI Agent 技能安全扫描器 - 检测恶意技能、后门代码、权限滥用 (Beta 版本)

agent-security

Security hardening for AI agents. Audit your workspace for leaked secrets, check file permissions, v...

Agent Self-Assessment

Security self-assessment tool for AI agents. Run this against your own configuration to get a struct...

agent-skill-trust-check

Static pre-install trust review for SKILL.md, OpenClaw, Hermes, MCP, and agent-skill marketplace pac...

agent-skills-tools

Security audit and validation tools for the Agent Skills ecosystem. Scan skill packages for common v...

agentaudit-skill

Automatic security gate that checks packages against a vulnerability database before installation. U...

agentgate-security

AgentGate is a real-time policy enforcement layer that intercepts every tool call your OpenClaw agen...

agentguard-tech

**Skill Name:** `agent-security`

agentkeys

Secure credential proxy for AI agents. Make API calls through AgentKeys — real secrets never leave t...

agentpin

**Purpose**: This guide helps AI assistants work with AgentPin for domain-anchored cryptographic age...

agentsecly-ai-agent-security

Generate AI agent security advisories with threat analysis, MITRE ATT&CK mapping, and remediation gu...

agentsecrets

```yaml

agntcy-identity

AGNTCY Identity Issuer CLI and Node Backend for managing verifiable agent identities, metadata, and ...

Related Guides

If you are an AI agent

Query this directory over HTTP

This site is a searchable directory of harness components for AI coding agents. Fetch objective JSON — names, descriptions, stars, and source links. Installation and selection are yours to decide.

GET https://claudeskills.info/api/v1/search?q=ui%2Fux
GET https://claudeskills.info/api/v1/search?type=subagent&q=review
GET https://claudeskills.info/api/v1/meta
See https://claudeskills.info/llms.txt